commit: 025c6670635106959a7f93b054cd1a95141bb4c0 Author: Jason Zaman <jason <AT> perfinion <DOT> com> AuthorDate: Wed Jul 12 04:41:00 2017 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sat Jul 22 10:50:42 2017 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=025c6670
Start of script to handle userspace releases gentoo/release-userspace.sh | 134 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) diff --git a/gentoo/release-userspace.sh b/gentoo/release-userspace.sh new file mode 100644 index 00000000..0841f77c --- /dev/null +++ b/gentoo/release-userspace.sh @@ -0,0 +1,134 @@ +#!/bin/sh + +# Copyright 2013,2014 Sven Vermeulen <[email protected]> +# Copyright 2017 Jason Zaman <[email protected]> +# Licensed under the GPL-3 license + +RELEASEDATE="${1}"; +NEWVERSION="${2}"; + +PACKAGES=" +sys-libs/libsepol +sys-libs/libselinux +sys-libs/libsemanage +sys-apps/checkpolicy +sys-apps/policycoreutils +sys-apps/selinux-python +sys-apps/semodule-utils +sys-apps/secilc +sys-apps/mcstrans +sys-apps/restorecond +" +# app-admin/setools not released together +# dev-python/sepolgen became selinux-python in 2.7 release + +usage() { + echo "Usage: $0 <release date> <newversion>"; + echo ""; + echo "Example: $0 20170101 2.7_rc1" + echo ""; + echo "The script will copy the live ebuilds towards the"; + echo "<newversion>." + echo ""; + echo "The following environment variables must be declared correctly for the script"; + echo "to function properly:"; + echo " - GENTOOX86 should point to the gentoo-x86 checkout"; + echo " E.g. export GENTOOX86=\"/home/user/dev/gentoo-x86/\""; + echo " - HARDENEDREFPOL should point to the hardened-refpolicy.git checkout"; + echo " E.g. export HARDENEDREFPOL=\"/home/user/dev/hardened-refpolicy/\""; + echo " - REFPOLRELEASE should point to the current latest /release/ of the reference" + echo " policy (so NOT to a checkout), extracted somewhere on the file system." + echo " E.g. export REFPOLRELEASE=\"/home/user/local/refpolicy-20130424/\""; +} + +assertDirEnvVar() { + VARNAME="${1}"; + eval VARVALUE='$'${VARNAME}; + if [ -z "${VARVALUE}" ] || [ ! -d "${VARVALUE}" ]; + then + echo "Variable ${VARNAME} (value \"${VARVALUE}\") does not point to a valid directory."; + exit 1; + fi +} + +# cleanTmp - Clean up TMPDIR +cleanTmp() { + if [ -z "${NOCLEAN}" ]; + then + echo "Not cleaning TMPDIR (${TMPDIR}) upon request."; + else + [ -d "${TMPDIR}" ] && [ -f "${TMPDIR}/.istempdir" ] && rm -rf "${TMPDIR}" + fi +} + +die() { + printf "\n"; + echo "!!! $*"; + cleanTmp; + exit 2; +}; + +# set the release date in the live ebuilds so it will be correct when copying to the new version +setLiveReleaseDate() { + local PKG + local PN + cd ${GENTOOX86} + echo "Setting release date var in live ebuilds... " + + for PKG in $PACKAGES; + do + cd "${GENTOOX86}/${PKG}" + PN="${PKG#*/}" + [[ -f "${PN}-9999.ebuild" ]] || continue; + sed -i "/^MY_RELEASEDATE=/s/.*/MY_RELEASEDATE=\"${RELEASEDATE}\"/" "${PN}-9999.ebuild" + git add . + git --no-pager diff --cached + repoman full && repoman commit -m "$PKG: update live ebuild" + done + echo -e "\ndone" +} + +# Create (or modify) the new ebuilds +createEbuilds() { + local PKG + local PN + cd ${GENTOOX86} + echo "Creating new ebuilds based on 9999 version... " + + for PKG in $PACKAGES; + do + cd "${GENTOOX86}/${PKG}" + PN="${PKG#*/}" + [[ -f "${PN}-9999.ebuild" ]] || continue + [[ -f "Manifest" ]] || continue + sed -i -e "/${PN}-${NEWVERSION//_/-}/d" Manifest || die + cp ${PN}-9999.ebuild ${PN}-${NEWVERSION}.ebuild || die + repoman manifest + git add . + #git --no-pager diff --cached + repoman full + repoman commit -m "$PKG: bump to ${NEWVERSION}" + done + echo -e "\ndone" +} + +if [ $# -ne 2 ]; +then + usage; + exit 3; +fi + +# Assert that all needed information is available +assertDirEnvVar GENTOOX86; +assertDirEnvVar HARDENEDREFPOL; +assertDirEnvVar REFPOLRELEASE; + +TMPDIR=$(mktemp -d); +touch ${TMPDIR}/.istempdir; + +setLiveReleaseDate + +# Create ebuilds +createEbuilds; + +cleanTmp;
